REMARKS 

[0007] Applicant respectfully requests reconsideration and allowance of all 
of the claims of the application. Claims 1-11 and 13-28 are presently pending. 
Claims 1, 13-17, and 19 are amended herein. Claim 12 is cancelled herein. 
New claim 28 is added herein. 

Formal Request for an Interview 

[0008] If the Examiner's reply to this communication is anything other than 
allowance of all pending claims and there only issues that remain are minor or 
formal matters, then I formally request an interview with the Examiner. I 
encourage the Examiner to call me — ^the undersigned representative for the 
Applicant — so that we can talk about this matter so as to resolve any outstanding 
issues quickly and efficiently over the phone. 

[0009] Please contact me to schedule a date and time for a telephone 
interview that is most convenient for both of us. While email works great for me, I 
welcome your call as well. My contact information may be found on the last page 
of this response. 

Claim Amendments and Addition 

[0010] Without conceding the propriety of the rejections herein and in the 
interest of expediting prosecution, Applicant amends claims 1, 13-17, and 19 
herein. Applicant amends claims to clarify claimed features. The amendments 
are made to expedite prosecution and are merely intended to highlight the 
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claimed features. The amendments should not be construed as further limiting 
the claimed invention in response to the cited document. 

[0011] Claims are amended to highlight statutory subject matter. Support 
for the amendments to the claims is found at least in Figure 1 and the 
corresponding discussion in the specification. 

[0012] Furthermore, Applicant adds new claim 28 herein, which is fully 
supported by Application at least at page 13 and therefore do not constitute new 
matter. New claim 28 is asserted allowable over the cited reference at least by 
virtue of dependence from claim 1, discussed below. 

Substantive Matters 

Claim Rejections under S 112 2"^ H 

[0013] Claim 17 is rejected under 35 U.S.C. § 112, 2"^ fl. Applicant 
respectfully traverses this rejection. Furthermore, in light of the amendments 
presented herein, Applicant submits that this rejection is moot. Accordingly, 
Applicant asks the Examiner to withdraw the rejection. 

Claim Rejections under S 101 

[0014] Claims 1-12 are rejected under 35 U.S.C. § 101. Applicant 
respectfully traverses this rejection. Furthermore, in light of the amendments 
presented herein, Applicant submits that these rejections are moot. Accordingly, 
Applicant asks the Examiner to withdraw these rejections. 
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[0015] If the Examiner maintains the rejection of these claims, then 
Applicant requests additional guidance as to what is necessary to overcome the 
rejection. 



Claim Rejections under S 102 

[0016] The Examiner rejects claims 1-27 under § 102(a) being anticipated 
by TechNet. Applicant respectfully traverses the rejection of these claims. For 
the reasons set forth below, the Examiner has not shown that the cited document 
anticipates the rejected claims. Accordingly, Applicant respectfully requests that 
the Examiner withdraw the rejections of these claims. 

[0017] The Examiner's rejections are based upon TechNet: TechNet, How 
Security Descriptors and Access Control Lists Work, Microsoft® TechNet, 
Updated March 28, 2003. 

Overview of the Application 

[0018] The Application describes a technology for evaluating modifications 
to security information associated with accessing an object. Evaluations are 
performed to determine if excessive access rights or permissions have been 
granted on the object, which could lead to compromised security. A security 
verifier intercepts the security information and determines if an identified owner 
constitutes an untrusted security entity. If so, a notification to that effect is 
issued. The security verifier also determines whether access rights granted to 
other entities create a security threat. If so, a notification to that effect is issued. 
Multiple levels of potential threat may be employed, and notifications of varying 
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severity may be used to illustrate the disparity between the multiple levels of 
threat. 

Overview of TechNet 

[0019] TechNet is a document published by the assignee of the instant 
application. The document generally describes how security descriptors and 
access control lists work. 

[0020] Applicant submits that the anticipation rejections are not valid 
because, for each rejected claim, the cited document does not disclose each and 
every element of each rejected claim. ^ Furthermore, the elements disclosed in 
the document are not presented with as much detail as contained in the claims. 

Independent Claim 1 

[0021] Applicant submits that TechNet does not anticipate this claim 
because it does not disclose at least the following features as recited in this claim 
(as amended to address §101 and with emphasis added): 

• intercepting a message at the computing device that modifies security 
information associated with an object, the security information 
identifying an owner of the object and an entity that has access to 
the object; 



' "A claim is anticipated only if each and every element as set forth in the claim is found, either expressly 
or inherently described, in a single prior art reference." Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 
628, 63 1, 2 USPQ2d 1 05 1 , 1 053 (Fed. Cir. 1 987); 'The identical invention must be shown in as complete detail as is 
contained in the ... claim." Richardson v. Suzuki Motor Co,, 868 F.2d 1226, 1236, 9 USPQ2d 1913, 1920 (Fed. Cir. 
1989); also see MPEP §2131. 
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• determining, at the computing device, if the owner exceeds a first 
threshold security level, and if so, issuing a first notification that the 
owner exceeds the threshold security level; and 

• determining, at the computing device, if the entity that has access to 
the object exceeds a second threshold security level, and if so, 
issuing a second notification that the entity exceeds the second 
threshold security level. 

[0022] The Office Action indicates (Action, pp. 3-4) the following with regard 
to this claim: 

with resp^ to Claim 1: 

Tectinei discloses a computef-exeoitaWe method, comprising: 
8 . intercepting a message that modifies security information associated with 
an object, the seairit)r information identifying an owner of the object and an entity 
that haa access to the object (T ecfinet. Page 1 8. The canonical order also 
ensure? that all etpWot ACEa are processed before any inherited ACE, This is 
consistent with the concept of discretionary access control ; access to a child 
object is at the discretion of the child'a owner, not the paient's owi^.^); 
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b. de(«nnfning [f ttie owner exceeds a first Ifineshotd security level, end if so» 
issuing e flrst notification ^st the ovvner exceeds the threshold security level 
(Technei, Page 3, "The SACL is simiflar to the OACL wcept that the SACL is 
used to audit rather than control access to an object. Wtien an dudiited actiOT 
occurs, the operating system records the event In the security log."* and Page 10, 
""An ACL is an ordered list of ACEs define the protections that apply to an 
object and its properfies. Each ACE Identrfies a security principal and specifies a 
set of access rights that are allowed, denied, or audiited for that security 
principal/); and 

c. determining if ttie entity that has access lo tie object exceeds a seoond 
threshold security level, and if so, issuing a second notification that (he enSty 
exceeds the second threshold security level {(Technet, Page 3, "The SACL is 
Sim liar to the DACL except that tie SACL is used to ayidtt ralher than control 
access to an object, When an audiited action ooour^. the operating system 
records the event in the security log.'' and Page 10, •An ACL is an ordered list of 
ACEs that define the protections that apply to an objed and its properties. Each 
ACE identifies a security principal and specifies a set of access rights that are 
aik)wed» denied, or audited for that security principal.'*). 

[0023] Applicant notes that "being consistent with the concept of 
discretionary access control" is not sufficient to anticipate the claimed feature 
"intercepting a message at the computing device that modifies security 
information associated with an object, the security information identifying an 
owner of the object and an entity that has access to the object." 
Furthermore, the same passages are cited to reject both "determining, at the 
computing device, if the owner exceeds a first threshold security level, and if 
so, issuing a first notification that the owner exceeds the threshold security level" 
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and "determining, at the computing device, if the entity that has access to the 
object exceeds a second threshold security level, and if so, issuing a second 
notification that the entity exceeds the second threshold security level" of the 
claim, although, as highlighted for the convenience of the Office, the features are 
distinct. 

[0024] Consequently, TechNet does not disclose all of the elements and 
features of this claim. Accordingly, Applicant asks the Examiner to withdraw the 
rejection of this claim. 

Dependent Claims 2-11 and 28 

[0025] These claims ultimately depend upon independent claim 1. As 
discussed above, claim 1 is allowable over the cited document. It is axiomatic 
that any dependent claim which depends from an allowable base claim is also 
allowable over the cited document. Additionally, some or all of these claims may 
also be allowable for additional independent reasons. 

Independent Claim 13 

[0026] Applicant submits that TechNet does not anticipate this claim for at 
least similar reasons as those discussed above regarding claim 1. Although the 
Office cites the same passages of TechNet as anticipating, the document does 
not disclose each feature and element of the claim in as complete detail as 
recited In the claim. Thus, Applicant respectfully requests that the rejection of 
claim 1 3 be withdrawn. 
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Dependent Claims 14-18 

[0027] These claims ultimately depend upon independent claim 13. As 
discussed above, claim 13 is allowable over the cited document. It is axiomatic 
that any dependent claim which depends from an allowable base claim is also 
allowable over the cited document. Additionally, some or all of these claims may 
also be allowable for additional independent reasons. 

Independent Claim 19 

[0028] Applicant submits that TechNet does not anticipate this claim 
because it does not disclose at least the following features as recited in this claim 
(as amended to address §101 and with emphasis added): 

• intercepting a message that affects security information of an object 
by a security verifier having a security descriptor evaluator 
component configured to intercept the message that affects security 
information of an object, and 

• evaluating, by the security verifier a security identifier associated 
with an entity having access rights to the object, the evaluation 
including a determination whether the entity is categorized as other 
than trusted, the security descriptor evaluator component being further 
configured to issue a notification if the entity is categorized as other 
than trusted 
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[0029] The Office Action indicates (Action, pp. 11-12) the following with 
regard to this claim: 

44. With respect to ClaEm 10: 

45. Technet discloses a computer-readable inediunri having computer-executable 
oomponenls. comprising: 

h. a security veriHer having a securily descr^tor evsluator component 
conr^ured to iiteroept a message that affeds security information or an obped, 
and to evaluate a security identiffer asdodated with an entity haviiig aooass nghts 

to the objeci. the evaluation indudimg a detemiination whether the entity is 
categorized as other than trusted, the security descriptor evaluator oontponent 
beirtg rurther configurad to issue a notirtcalion If the entity is categorized as other 
tSi^ trusted (Tec^net, . Page 16. "The canonica] order also ensures tliat all 
explicit ACEs are processed before any inherited ACE. This is consistent with the 
concept of discretionary aiccess ccntn^l: access to a child obfect is at the 
discretion or tt^ child's owner, not the pdfent'e Oivner.**, Page 3, "The SAOL is 
simiar (o the DACL except that the SACL is used to audi! rather then control 
act^ss to an object. When an audited action occurs, the operating system 
records ttte event in the security log." and l^age id. *An ACL is an ordered list ed 
ACES that define the protections that apply to an bt^iect and Us pfx^rtiee. Each 
ACE identines a decurily prindped and specifies a set of access r^hts that ere 
allowed, denied, or audited for that seourily principal."). 

[0030] Although the Office cites the same three passages of TechNet as 
anticipating, the document does not disclose each feature and element of the 
claim in as complete detail as recited in the claim. Furthermore, Applicant 
submits that TechNet does not anticipate this claim for at least similar reasons as 
those discussed above regarding claim 1. Thus, Applicant respectfully requests 
that the rejection of claim 1 9 be withdrawn. 
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Dependent Claims 20-27 

[0031] These claims ultimately depend upon independent claim 19. As 
discussed above, claim 1 9 is allowable over the cited document. It is axiomatic 
that any dependent claim which depends from an allowable base claim is also 
allowable over the cited document. Additionally, some or all of these claims may 
also be allowable for additional independent reasons. 

Dependent Claims 

[0032] In addition to its own merits, each dependent claim is allowable for at 
least the same reasons that its base claim is allowable. Applicant requests that 
the Examiner withdraw the rejection of each dependent claim where its base 
claim is allowable. 
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Conclusion 



[0033] 



All pending claims are believed to be in condition for allowance. 



Applicant respectfully requests reconsideration and prompt Issuance of the 
application. If any issues remain that prevent issuance of this application, the 
Examiner Is urged to contact me before issuing a subsequent Action . 
Please call or email me at your convenience. 

Respectfully Submitted, 

Lee & Hayes, PLLC 
Representatives for Applicant 

/Bea Koempel-Thomas 58213/ Dated: 03/10/2009 
Beatrice L. Koempel-Thomas (bea@leehayes.com; 509-944-4759) 
Registration No. 58213 

Assistant: Cherri Simon (cherri@leehayes.com; 509-944-4776) 

Customer No. 22801 

Telephone: (509) 324-9256 
Facsimile: (509) 323-8979 
www.leehaves.com 
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